Solved

Javabeans or Cookies

Posted on 2006-07-23
3
560 Views
Last Modified: 2012-08-13
Hi guys

I am mocking up a system with jsp pages and servlets (including Javabean classes) and SQL Server.  I am following the 3 teir design pattern, using jsps for the interface, serlvets for processing, and javabeans to hold information during the user's session.

I am a bit confused as to whether I need to use cookies.

So far I have used a Javabean instance to set information about the user that has logged in, so that I can use that information throughout the user's session.  For example, I can use the Javabean that has been set, to get the user's names, staff id, region and so forth.  So it seems to me when I want to know who the user is, I just need to get those properties from the java bean.

Do I need to consider using cookies, or will the fact that I am using Javabeans (not enterprise Javabeans) suffice?

Phil
0
Comment
Question by:pmccar06
3 Comments
 
LVL 4

Assisted Solution

by:pzepernick
pzepernick earned 65 total points
ID: 17162966
I would stick with your javabean / session implementation.  The only thing I usually store in a cookie is the user name they typed on the login page.  This way next time they come back I populate the user name for them.  

Paul
0
 
LVL 29

Accepted Solution

by:
bloodredsun earned 60 total points
ID: 17171070
As above, javabeans in the session will suffice.

Only use cookies if you have non-secure data that you want to persist over a number of visits, such as auto-login as this site uses. As the session is not sent to the user, it is far more secure so infomation like userid and password should never be set in the cookie.

Persistence of form information is also somehting that I would store in the sessions. For example, this is used in Struts for returning to the form when the entries have failed validation.
0
 

Author Comment

by:pmccar06
ID: 17173800
Hi guys

Thanks for your help.  Much appreciated.

Cheers Phil
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scenario: Your operations manager has discovered an anomaly in your security system. The business will start to suffer within 15 minutes if it is a major IT incident. What should she do? We have 6 recommendations for managing major incidents (https:…
Note: This is the third blog post in a series on email clearinghouses (https://www.xmatters.com/alert-management/blog-email-has-failed-us?utm_campaign=70138000000ydLoAAI&utm_source=exex&utm_medium=article&utm_content=blog-post).   We’ve been talki…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now